From dev-return-75253-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org Mon Oct 29 16:20:49 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id A37EB180677 for ; Mon, 29 Oct 2018 16:20:48 +0100 (CET) Received: (qmail 90831 invoked by uid 500); 29 Oct 2018 15:20:47 -0000 Mailing-List: contact dev-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@zookeeper.apache.org Delivered-To: mailing list dev@zookeeper.apache.org Received: (qmail 90583 invoked by uid 99); 29 Oct 2018 15:20:46 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Oct 2018 15:20:46 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id BCA5FDFAE2; Mon, 29 Oct 2018 15:20:46 +0000 (UTC) From: anmolnar To: dev@zookeeper.apache.org Reply-To: dev@zookeeper.apache.org References: In-Reply-To: Subject: [GitHub] zookeeper pull request #678: ZOOKEEPER-3173: Quorum TLS - support PEM trust/... Content-Type: text/plain Message-Id: <20181029152046.BCA5FDFAE2@git1-us-west.apache.org> Date: Mon, 29 Oct 2018 15:20:46 +0000 (UTC) Github user anmolnar commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/678#discussion_r228958388 --- Diff: zookeeper-server/src/main/java/org/apache/zookeeper/common/X509Util.java --- @@ -79,12 +82,56 @@ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" }; + /** + * This enum represents the file type of a KeyStore or TrustStore. Currently, JKS (java keystore) and PEM types + * are supported. + */ + public enum StoreFileType { + JKS(".jks"), PEM(".pem"); + + private final String defaultFileExtension; + + StoreFileType(String defaultFileExtension) { + this.defaultFileExtension = defaultFileExtension; + } + + /** + * The property string that specifies that a key store or trust store should use this store file type. + */ + public String getPropertyValue() { + return this.name(); + } + + /** + * The file extension that is associated with this file type. + */ + public String getDefaultFileExtension() { + return defaultFileExtension; + } + + /** + * Converts a property value to a StoreFileType enum. If the property value is not set or is empty, returns + * null. + * @param prop the property value. + * @return the StoreFileType. + * @throws IllegalArgumentException if the property value is not "JKS", "PEM", or empty/null. + */ + public static StoreFileType fromPropertyValue(String prop) { + if (prop == null || prop.length() == 0) { + return null; + } + return StoreFileType.valueOf(prop.toUpperCase()); + } + } + private String sslProtocolProperty = getConfigPrefix() + "protocol"; private String cipherSuitesProperty = getConfigPrefix() + "ciphersuites"; private String sslKeystoreLocationProperty = getConfigPrefix() + "keyStore.location"; private String sslKeystorePasswdProperty = getConfigPrefix() + "keyStore.password"; + private String sslKeystoreTypeProperty = getConfigPrefix() + "keyStore.type"; --- End diff -- Do we need the ability to override the keystore type that we otherwise detect from the file extension? ---